Finding a security management job after an economic downturn

When the economy's tight, what's the best way to find work as a security manager with the CISSP certification? In this expert response, learn how to market your skills to find a security job you're well suited for.

I just got my CISSP certification and I am hoping to leverage it to find a security management position. In this troubled economy, are their any sectors of the profession that you see as ripe for growth that I should focus on?

There are two major (and overlapping) areas that I recommend you look into: professional services and compliance....

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

These are by far the two fastest-growing segments. More and more companies are outsourcing portions of their security practice in an effort to reduce costs. Additionally, many companies are using outside consulting firms to shore up information security weaknesses. This is especially true of the software development side of the business, where expertise in secure coding and testing is still hard to find internally. The CISSP certification has become part of the hiring criteria for many of the larger consulting firms, so that should at least be a foot in the door.

As compliance regulations like HIPAA, GLBA and SOX have emerged, they have driven huge growth in the information security field. While they have all caused the audit and security industry to grow extensively, not one has done more than the Payment Card Industry Data Security Standard (PCI DSS). PCI is not only one of the most in-depth security-oriented regulations to date, but it is also one of the most complex. As a result, it has driven a truly impressive volume of security hardware and services purchases.

Large organizations require regular audits of their configurations, processes, policies etc., but because of PCI's complexity, an entire industry of advisors has come to the fore whose sole job is to help clients interpret the regulations to ensure they will pass their audits. As a result, this is another area that should provide a rich hunting ground for a job search.

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy